Vulnerabilities > Docker
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-05-18 | CVE-2015-3629 | Link Following vulnerability in multiple products Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization ("mount namespace breakout") and write to arbitrary file on the host system via a symlink attack in an image when respawning a container. | 7.8 |
2014-12-12 | CVE-2014-6408 | Permissions, Privileges, and Access Controls vulnerability in Docker 1.3.0/1.3.1 Docker 1.3.0 through 1.3.1 allows remote attackers to modify the default run profile of image containers and possibly bypass the container by applying unspecified security options to an image. | 5.0 |
2014-12-12 | CVE-2014-6407 | Link Following vulnerability in Docker Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation. | 7.5 |